If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Effective: September 2011 These forums are no longer used!

Unregistered,

Transparent Techologies is happy to announce we have launced a NEW
community support portal
to allow customers to communicate, ask questions, and share ideas about all of our products and services. Our new community portal
uses the same login information as our Helpdesk and Billing system uses, which means you have a single login to both locations.

Mail Spam issue

Hello, I have a problem, but for some reason I am unable to access the General Help forum. I can't even view that section, not just post there.

Anyhow, my problem is this... a couple of months ago, my hosting support company sent me an email saying they suspended my account because of some "mail spam" issue. I asked them what that means.. and they replied that one of my websites has a "tell a friend" function (my open-realty website obviously), and that this is causing the problem. They told me I should either disable the function or add a captcha to it.

I simply disabled the link that opens the "tell a friend" popup, and they didn't bother me for a few months.

2 days ago I found out my hosting account is suspended.. again! I told them that this is rediculous, they can't just suspend my account taking away my access to my emails, as well as some of my clients whose emails are hosted in my account. I asked them what is the problem this time.. and they didn't give me any specifics about the same "tell a friend function" but they told me it's the open-realty website again.

I'm pasting below what they told me...

"The messages were sent via the index.php script of your "kastelanos.com" domain. The software identifies itself as "Open-Realty 2.5.8 - Installed at http://kastelanos.com". I have unsuspended your account, but I have left the suspension page active for your kastelanos.com domain until this issue can be completely resolved. You should consult the manufacturer of your software to determine if an update is available that will prevent this from happening in the future and let us know what changes you have made.

We are not able to tell you specifically how this script was used to send spam, you will need to work with the software's developer to determine how this could happen and what you can do to prevent it from happening again."

In a desperate try to resolve this issue I hope that someone here can give me some information or solution to this, since I have no clue what to do right now. If I had time I would transfer all my websites to a new hosting server, as the whole suspending my account approach is unacceptable. Unfortunately I have no time at all for such procedure as I have a few websites with databases that require a bit more work than a simple file transfer.

Re: Mail Spam issue

Transparent Tech ceased all development and bug fixes for OR v2.x in 2009, The old 2.x versions definitely contain security vulnerabilities. You should upgrade to the latest version, those old vulnerabilities were addressed in v3.

If you have core file modifications, you will of course lose them during the upgrade.

You could have personally been hacked too via a virus or keylogger, and your index.php file replaced with a malicious script. This happens all the time and is not necessarly because of OR, weak passwords, or a virus on your PC can give hackers and spammers all they need to take over and use your account for whatever they want.

"Much of what looks like rudeness in hacker circles is not intended to give offense. Rather, it's the product of the direct, cut-through-the-BS communications style that is natural to people who are more concerned about solving problems than making others feel warm and fuzzy."

"We gotta' go to the crappy town where I'm a hero!"-Hoban 'Wash' Washburne 2485-2519

"When you’re born you get a ticket to the freak show. When you’re born in America, you get a front-row seat.."-George Carlin 1937-2008

Re: Mail Spam issue

can someone please tell me what is the best way to upgrade 2.5.8 to 3.x ?
What kind of backup should I do, things to keep in mind while doing the upgrade, etc.
Last thing I want is to mess it up ><
Thanks

Re: Mail Spam issue

I'd recommend removing all add-ons and attempt to upgrade a copy of the live site before attempting to upgrade the actual live site. I 'd also suggest that you read all of the blog articles, particularly the change logs released since OR v3.0.0 (we're up to v3.1.5 now) .

"Much of what looks like rudeness in hacker circles is not intended to give offense. Rather, it's the product of the direct, cut-through-the-BS communications style that is natural to people who are more concerned about solving problems than making others feel warm and fuzzy."

"We gotta' go to the crappy town where I'm a hero!"-Hoban 'Wash' Washburne 2485-2519

"When you’re born you get a ticket to the freak show. When you’re born in America, you get a front-row seat.."-George Carlin 1937-2008

Re: Mail Spam issue

I am having the same exact problem.. 140.000 emails in the email queue using the "tell a friend" form even though captcha is enabled.
We are running 2.5.8 with the Joomla 1.0 bridge.
We have thousands of of articles on our joomla site and we're afraid of upgrading...
We're also ranked #1 in google for several keyword phrases and we don't want to risk that as that's where most of our leads are generated from.

So my question is: How would we best go about and upgrade and maintain 1) all our links/articles 2) our ranking and links to articles etc?

Re: Mail Spam issue

Is there a way to quicly "disable" the tell-a-friend form? So it doesn't load?
I have already deleted the link from the webpages but obviously they already have the exact location of the script/form in their emailer system so the go to the exact URL direct.
Can I comment out some part of the core files until we have managed to upgrade?